What to Do If You Receive a Legitimate “Unusual Account Activity” Notice
Sadly, it’s all too common for consumers to receive notices of “unusual account activity” these days. Yes, service providers might send out these letters after learning of a data breach that affected a large portion of their customer base. But sprawling security incidents aren’t the only motivation here for issuing these types of notifications. Indeed, you might receive such a letter of disclosure following a much more small-scale, even personal, security event.
I recently experienced this first hand.
An Intriguing Letter from my cellular provider
This past week, I received a letter in the mail from my provider. In its notice, customer service warned me of “unusual account activity” associated with my online account. “Unusual account activity” is not something that anyone wants to hear. More than that, it’s a phrase that tends to raise red flags among savvy users these days, as it’s a common lure employed by phishers and other digital attackers.
That being said, I was still intrigued as to what this could possibly be. So I kept reading. Here’s a copy of the notice I received:
By the time I finished reading the notice, the carrier had my full attention. Someone had possibly stolen my username and password for my account. But how? Even more concerningly, had they managed to do anything with my account?
I turned to Google to see if I had perhaps missed any security announcements or anything else along those lines, but I came up empty for anything current. That’s when I decided to reach out to customer service. Fortunately, I was able to get some information.
The support rep with whom I spoke told me that someone had gone into a one of the carriers many retail locations on June 26th and had attempted to access my account. This representative identified the store in question as #3249. While the agent was not able to confirm the physical location using their system at that time, we both took an educated guess (aka Google) that it was a location in lower Manhattan. Fortunately, the carrier detected the activity and reset my passwords which I had used on my account before I even learned about the attempted fraud.
Perspective on This Type of Incident
Needless to say, this incident got me thinking. Had it just been me which this unknown individual had targeted? Or had others received these letters recently?
Either way, these types of attacks aren’t uncommon. Back in 2016, the Federal Trade Commission relayed one consumer’s story where an attacker walked into a mobile phone store, impersonated the consumer, requested to upgrade the consumer’s mobile phones and walked out of the store with two new iPhones assigned to the consumer’s mobile phone numbers. After speaking with their carrier and requesting records related to the incident, the consumer learned that the fraudster had used a fake ID and their own name to access the consumer’s account at a store located hundreds of miles from where the consumer lived.
How Consumers Can Protect Themselves
This incident underscores the importance of consumers taking steps to secure their mobile accounts against fraudsters. Fortunately for me, my carrier has several layers of security associated with online user accounts. First, there is the password (8-20 characters, upper and lower case, numbers, and symbols). Additionally, you need to provide a four-digit pin and the typical security questions. There is also a two-factor authentication (2FA) feature where the carrier will send you a One-Time Passcode (OTP) via SMS-based message.
As I reset the password on my account, I find myself moved to point out how important it is to never reuse passwords across sites. You should always look for ways to have the site further authenticate you such as by using 2FA or OTP. Moreover, don’t forget to use obscure security questions to help you maintain access to your account.